Java tutorial
/** * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.jxtadoop.security; import java.io.IOException; import java.security.AccessController; import java.security.Principal; import java.util.Set; import javax.security.auth.Subject; import javax.security.auth.login.LoginException; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.jxtadoop.conf.Configuration; import org.apache.jxtadoop.io.Writable; /** A {@link Writable} abstract class for storing user and groups information. */ public abstract class UserGroupInformation implements Writable, Principal { public static final Log LOG = LogFactory.getLog(UserGroupInformation.class); private static UserGroupInformation LOGIN_UGI = null; private static final ThreadLocal<Subject> currentUser = new ThreadLocal<Subject>(); /** @return the {@link UserGroupInformation} for the current thread */ public static UserGroupInformation getCurrentUGI() { Subject user = getCurrentUser(); if (user == null) { user = currentUser.get(); if (user == null) { return null; } } Set<UserGroupInformation> ugiPrincipals = user.getPrincipals(UserGroupInformation.class); UserGroupInformation ugi = null; if (ugiPrincipals != null && ugiPrincipals.size() == 1) { ugi = ugiPrincipals.iterator().next(); if (ugi == null) { throw new RuntimeException("Cannot find _current user_ UGI in the Subject!"); } } else { throw new RuntimeException("Cannot resolve current user from subject, " + "which had " + ugiPrincipals.size() + " UGI principals!"); } return ugi; } /** * Set the {@link UserGroupInformation} for the current thread * @deprecated Use {@link #setCurrentUser(UserGroupInformation)} */ @Deprecated public static void setCurrentUGI(UserGroupInformation ugi) { setCurrentUser(ugi); } /** * Return the current user <code>Subject</code>. * @return the current user <code>Subject</code> */ static Subject getCurrentUser() { return Subject.getSubject(AccessController.getContext()); } /** * Set the {@link UserGroupInformation} for the current thread * WARNING - This method should be used only in test cases and other exceptional * cases! * @param ugi {@link UserGroupInformation} for the current thread */ public static void setCurrentUser(UserGroupInformation ugi) { Subject user = SecurityUtil.getSubject(ugi); currentUser.set(user); } /** Get username * * @return the user's name */ public abstract String getUserName(); /** Get the name of the groups that the user belong to * * @return an array of group names */ public abstract String[] getGroupNames(); /** Login and return a UserGroupInformation object. */ public static UserGroupInformation login(Configuration conf) throws LoginException { if (LOGIN_UGI == null) { LOGIN_UGI = UnixUserGroupInformation.login(conf); } return LOGIN_UGI; } /** Read a {@link UserGroupInformation} from conf */ public static UserGroupInformation readFrom(Configuration conf) throws IOException { try { return UnixUserGroupInformation.readFromConf(conf, UnixUserGroupInformation.UGI_PROPERTY_NAME); } catch (LoginException e) { throw (IOException) new IOException().initCause(e); } } }